Microsoft rolls out hardware-accelerated BitLocker in Windows 11

Microsoft is rolling out hardware-accelerated BitLocker in Windows 11 to address growing performance and security concerns by leveraging the capabilities of system-on-a-chip and CPU. BitLocker is the native full-disk encryption feature in Windows that protects data from being readable without proper authentication. During normal device boot, it relies on the Trusted Platform Module (TPM) to securely […]

New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRock

The UEFI firmware implementation in some motherboards from ASUS, Gigabyte, MSI, and ASRock is vulnerable to direct memory access (DMA) attacks that can bypass early-boot memory protections. The security issue has received multiple identifiers (CVE-2025-11901, CVE-2025‑14302, CVE-2025-14303, and CVE-2025-14304) due to differences in vendor implementations DMA is a hardware feature that allows devices such as graphics […]

Synology fixes BeeStation zero-days demoed at Pwn2Own Ireland

Synology has addressed a critical-severity remote code execution (RCE) vulnerability in BeeStation products that was demonstrated at the recent Pwn2Own hacking competition. The security issue (CVE-2025-12686) is described as a ‘buffer copy without checking the size of input’ problem, and can be exploited to allow arbitrary code execution. It impacts multiple versions of BeeStation OS, the […]

DrayTek warns of remote code execution bug in Vigor routers

Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform arbitrary code. The flaw, tracked identified as CVE-2025-10547, was reported to the vendor on July 22 by ChapsVision security researcher Pierre-Yves Maes. “The vulnerability can be triggered when unauthenticated remote attackers send […]

D-Link won’t fix critical bug in 60,000 exposed EoL modems

Tens of thousands of exposed D-Link routers that have reached their end-of-life are vulnerable to a critical security issue that allows an unauthenticated remote attacker to change any user’s password and take complete control of the device. The vulnerability was discovered in the D-Link DSL6740C modem by security researcher Chaio-Lin Yu (Steven Meow), who reported it to Taiwan’s […]

Hackers target critical zero-day vulnerability in PTZ cameras

Hackers are attempting to exploit two zero-day vulnerabilities in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras used in industrial, healthcare, business conferences, government, and courtroom settings. In April 2024, GreyNoise discovered CVE-2024-8956 and CVE-2024-8957 after its AI-powered threat detection tool, Sift, detected unusual activity on its honeypot network that did not match any known threats. Upon examination of […]

Intel, AMD CPUs on Linux impacted by newly disclosed Spectre bypass

The latest generations of Intel processors, including Xeon chips, and AMD’s older microarchitectures on Linux are vulnerable to new speculative execution attacks that bypass existing ‘Spectre’ mitigations. The vulnerabilities impact Intel’s 12th, 13th, and 14th chip generations for consumers and the 5th and 6th generation of Xeon processors for servers, along with AMD’s Zen 1, Zen […]